Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/gcKyemfo4j11Ioh2pv6h6rNqWLg.roa
File:                     gcKyemfo4j11Ioh2pv6h6rNqWLg.roa (raw, json)
Hash identifier:          lhXU3mvkrA5bDoIOgTqT64u4btvXlz5wk2tnq8bxhj0=
Subject key identifier:   81:C2:B2:7A:67:E8:E2:3D:75:22:88:76:A6:FE:A1:EA:B3:6A:58:B8
Certificate issuer:       /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial:       01851A24757A59B348B1614476CD24FEE4B9
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/gcKyemfo4j11Ioh2pv6h6rNqWLg.roa
Signing time:             Fri 16 Dec 2022 08:54:34 +0000
ROA not before:           Fri 16 Dec 2022 08:54:34 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43260
IP address blocks:        85.133.227.0/24 maxlen: 24
                          85.133.228.0/24 maxlen: 24
                          85.133.233.0/24 maxlen: 24
                          85.133.234.0/24 maxlen: 24
                          85.133.237.0/24 maxlen: 24
                          85.133.238.0/24 maxlen: 24
                          85.133.236.0/24 maxlen: 24
                          85.133.241.0/24 maxlen: 24
                          85.133.242.0/24 maxlen: 24
                          85.133.250.0/24 maxlen: 24
                          85.133.253.0/24 maxlen: 24
                          85.133.174.0/24 maxlen: 24
                          85.133.178.0/24 maxlen: 24
                          85.133.179.0/24 maxlen: 24
                          85.133.194.0/24 maxlen: 24
                          85.133.199.0/24 maxlen: 24
                          85.133.202.0/24 maxlen: 24
                          85.133.205.0/24 maxlen: 24
                          85.133.208.0/24 maxlen: 24
                          85.133.216.0/24 maxlen: 24
                          85.133.217.0/24 maxlen: 24
                          85.133.215.0/24 maxlen: 24
                          85.133.218.0/24 maxlen: 24
                          85.133.219.0/24 maxlen: 24
                          85.133.221.0/24 maxlen: 24
                          85.133.222.0/24 maxlen: 24
                          85.133.225.0/24 maxlen: 24
                          85.133.132.0/24 maxlen: 24
                          85.133.136.0/24 maxlen: 24
                          85.133.137.0/24 maxlen: 24
                          85.133.135.0/24 maxlen: 24
                          85.133.143.0/24 maxlen: 24
                          85.133.146.0/24 maxlen: 24
                          85.133.151.0/24 maxlen: 24
                          85.133.153.0/24 maxlen: 24
                          85.133.156.0/24 maxlen: 24
                          85.133.166.0/24 maxlen: 24
                          85.133.160.0/24 maxlen: 24
                          85.133.161.0/24 maxlen: 24
                          85.133.164.0/24 maxlen: 24
                          85.133.165.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:1a:24:75:7a:59:b3:48:b1:61:44:76:cd:24:fe:e4:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
        Validity
            Not Before: Dec 16 08:54:34 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=81c2b27a67e8e23d75228876a6fea1eab36a58b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:0f:23:4a:31:0f:7e:b9:6e:f8:75:40:74:b8:
                    57:c4:3a:50:64:c6:9c:e5:b7:e2:8a:96:0b:87:16:
                    78:cb:5e:ea:07:25:1d:0d:da:0e:63:6f:df:a9:bc:
                    a6:6d:34:5f:5e:59:99:e5:a7:2a:17:31:ee:28:73:
                    bf:ca:68:56:36:21:e9:f8:ab:43:e6:af:f8:a3:6a:
                    89:b6:59:a4:bb:e2:ee:44:b0:9f:99:6f:4a:3a:31:
                    fb:9a:6e:7c:d0:21:58:82:0d:27:3c:3a:3a:37:52:
                    01:5a:d1:f1:fc:4c:fa:14:e4:40:7f:b5:59:ef:0c:
                    7f:31:f9:f1:8d:4c:1c:28:d4:5e:07:c2:df:18:51:
                    f6:2c:dd:61:84:6a:91:d9:1f:7d:d1:5c:b7:cb:f7:
                    6c:35:ea:05:1e:ae:a9:f0:aa:13:b1:fd:9b:9e:ac:
                    63:49:0f:07:f5:9a:92:94:91:50:bb:a0:a7:0f:97:
                    de:39:1f:d3:d0:c6:79:26:03:5d:e1:83:00:98:9c:
                    67:37:af:d9:1a:1d:8f:8b:c8:45:9f:ce:bb:33:13:
                    b2:09:4f:a8:4c:c8:6d:b3:7f:ae:c6:d7:b6:99:59:
                    f3:59:35:fa:bb:ef:c5:fc:9e:39:99:ec:20:0a:66:
                    7a:67:b6:28:9c:4c:84:eb:b3:ac:2a:17:a9:6a:e9:
                    fd:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:C2:B2:7A:67:E8:E2:3D:75:22:88:76:A6:FE:A1:EA:B3:6A:58:B8
            X509v3 Authority Key Identifier:
                keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/gcKyemfo4j11Ioh2pv6h6rNqWLg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.133.132.0/24
                  85.133.135.0-85.133.137.255
                  85.133.143.0/24
                  85.133.146.0/24
                  85.133.151.0/24
                  85.133.153.0/24
                  85.133.156.0/24
                  85.133.160.0/23
                  85.133.164.0-85.133.166.255
                  85.133.174.0/24
                  85.133.178.0/23
                  85.133.194.0/24
                  85.133.199.0/24
                  85.133.202.0/24
                  85.133.205.0/24
                  85.133.208.0/24
                  85.133.215.0-85.133.219.255
                  85.133.221.0-85.133.222.255
                  85.133.225.0/24
                  85.133.227.0-85.133.228.255
                  85.133.233.0-85.133.234.255
                  85.133.236.0-85.133.238.255
                  85.133.241.0-85.133.242.255
                  85.133.250.0/24
                  85.133.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7c:bc:2b:d3:64:8a:81:96:50:a4:78:68:af:db:8d:0b:22:43:
         df:5f:b6:e6:36:4d:6d:cc:cf:9e:0a:c4:b6:db:16:4d:69:61:
         65:2c:7e:b0:c6:d3:4b:d7:df:aa:1a:86:1e:ae:ec:1e:4d:3f:
         b8:d0:4b:8a:bd:5d:8f:db:75:66:0b:ce:ad:72:ea:df:9e:18:
         81:62:09:e3:b7:53:df:2d:be:65:c0:60:0c:a3:7b:2c:a7:9c:
         1c:0a:d2:7d:3b:6a:7c:c5:60:66:df:d3:08:50:26:73:40:b1:
         65:e6:ba:b8:00:df:5d:63:c2:21:a6:8d:e4:c7:82:b9:59:90:
         ea:4f:9a:ac:9c:fd:86:2d:90:8e:25:00:0a:50:2f:5e:fc:ab:
         9a:a2:0b:61:a0:40:dc:1e:08:48:07:61:4e:16:6f:4d:19:52:
         b5:cc:fb:46:11:a8:7f:48:30:d5:fd:70:0c:a3:85:8a:ec:da:
         55:28:8c:0b:08:8a:8f:20:ee:8f:b2:92:08:5b:e5:3d:da:5b:
         37:2c:b5:1a:95:9f:0a:bd:f5:26:39:7b:0d:47:6d:e4:01:72:
         53:c1:91:71:19:f6:60:f9:f0:06:b1:1c:50:e2:c9:c1:7e:58:
         0c:99:2c:c8:a9:58:74:f5:4d:f0:ad:58:7b:86:af:42:ee:74:
         29:83:46:24
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgISAYUaJHV6WbNIsWFEds0k/uS5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjIxMjE2MDg1NDM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWMyYjI3YTY3ZThlMjNkNzUyMjg4NzZhNmZlYTFlYWIzNmE1OGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvA8jSjEPfrlu+HVAdLhXxDpQZMac
5bfiipYLhxZ4y17qByUdDdoOY2/fqbymbTRfXlmZ5acqFzHuKHO/ymhWNiHp+KtD
5q/4o2qJtlmku+LuRLCfmW9KOjH7mm580CFYgg0nPDo6N1IBWtHx/Ez6FORAf7VZ
7wx/MfnxjUwcKNReB8LfGFH2LN1hhGqR2R990Vy3y/dsNeoFHq6p8KoTsf2bnqxj
SQ8H9ZqSlJFQu6CnD5feOR/T0MZ5JgNd4YMAmJxnN6/ZGh2Pi8hFn867MxOyCU+o
TMhts3+uxte2mVnzWTX6u+/F/J45mewgCmZ6Z7YonEyE67OsKhepaun9aQIDAQAB
o4IC3jCCAtowHQYDVR0OBBYEFIHCsnpn6OI9dSKIdqb+oeqzali4MB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvZ2NLeWVtZm80ajExSW9oMnB2Nmg2ck5xV0xnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHzBggrBgEFBQcBBwEB/wSB4zCB4DCB3QQCAAEwgdYDBABV
hYQwDAMEAFWFhwMEAVWFiAMEAFWFjwMEAFWFkgMEAFWFlwMEAFWFmQMEAFWFnAME
AVWFoDAMAwQCVYWkAwQAVYWmAwQAVYWuAwQBVYWyAwQAVYXCAwQAVYXHAwQAVYXK
AwQAVYXNAwQAVYXQMAwDBABVhdcDBAJVhdgwDAMEAFWF3QMEAFWF3gMEAFWF4TAM
AwQAVYXjAwQAVYXkMAwDBABVhekDBABVheowDAMEAlWF7AMEAFWF7jAMAwQAVYXx
AwQAVYXyAwQAVYX6AwQAVYX9MA0GCSqGSIb3DQEBCwUAA4IBAQB8vCvTZIqBllCk
eGiv240LIkPfX7bmNk1tzM+eCsS22xZNaWFlLH6wxtNL19+qGoYeruweTT+40EuK
vV2P23VmC86tcurfnhiBYgnjt1PfLb5lwGAMo3ssp5wcCtJ9O2p8xWBm39MIUCZz
QLFl5rq4AN9dY8Ihpo3kx4K5WZDqT5qsnP2GLZCOJQAKUC9e/KuaogthoEDcHghI
B2FOFm9NGVK1zPtGEah/SDDV/XAMo4WK7NpVKIwLCIqPIO6PspIIW+U92ls3LLUa
lZ8KvfUmOXsNR23kAXJTwZFxGfZg+fAGsRxQ4snBflgMmSzIqVh09U3wrVh7hq9C
7nQpg0Yk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:13 2024 by rpki-client on console-fra.rpki-client.org